fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

QNAP Warns Of Ongoing Brute-Force Attacks Against NAS Devices

QNAP Warns Of Ongoing Brute-Force Attacks Against NAS Devices

QNAP warns customers of ongoing attacks targeting QNAP NAS (network-attached storage) devices and urges them to enhance their security as soon as possible.

In these attacks, the threat actors use automated tools to login into Internet-exposed NAS devices using passwords generated on the spot or from lists of previously compromised credentials.

“Recently QNAP has received multiple user reports of hackers attempting to log in to QNAP devices using brute-force attacks – where hackers would try every possible password combination of a QNAP device user account,” the company warned.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

“If a simple, weak, or predictable password is used (such as ‘password’ or ‘12345’) hackers can easily gain access to the device, breaching security, privacy, and confidentiality.”

After guessing the right combination, they get full access to the targeted device, allowing them to gain access to and steal sensitive documents or deploy malware.

If the attackers fail to brute-force their way in, the NAS devices’ system logs will record the attempts and log them with “Failed to login” warning messages.

Brute-force attacks targeting QNAP NAS admin devices (QNAP)

How to secure your QNAP NAS device

QNAP advises customers to secure their NAS devices by changing the default access port number, using strong passwords for their accounts, enabling password policies, and disabling the admin account targeted in these ongoing attacks.

Before disabling the admin account, you will first have to create a new system administrator account by going into Control Panel > Users.

You will then be able to disable the default ‘admin’ administrator account on QNAP NAS devices running QTS 4.1.2 or later versions, using the following steps:

  • Go to Control Panel > Users and edit the “admin” account profile.
  • Tick the “Disable this account” option and select “OK”.

Furthermore, you can also configure the NAS device to automatically block IP addresses behind multiple numbers of ailed login attempts.

You can do this by customizing the device’s security settings from the NAS Control Panel > System > Security > IP’ Access Protection’ tab.

IP Access Protection (QNAP)

QNAP NAS owners should also go through the following checklist to secure their NAS devices and check for malware:

  • Change all passwords for all accounts on the device
  • Remove unknown user accounts from the device
  • Make sure the device firmware is up-to-date and all of the applications are also updated
  • Remove unknown or unused applications from the device
  • Install QNAP MalwareRemover application via the App Center functionality
  • Set an access control list for the device (Control panel -> Security -> Security level)

NAS devices are an attractive target

Threat actors regularly target NAS devices to steal sensitive documents or deploy info-stealing malware since they are usually used to backup and share sensitive files.

In June 2019, an eCh0raix Ransomware (aka QNAPCrypt) campaign also targeted QNAP NAS devices with weak passwords in brute-force attacks.

eCh0raix returned one year later, once again attempting to gain access to publicly-exposed QNAP devices by brute-forcing accounts with weak passwords or exploiting known vulnerabilities.

While a decryptor was released to decrypt files encrypted by some eCh0raix versions for free, the ransomware’s developer has since fixed the code weakness.

Also Read: Data Protection Officer Singapore | 10 FAQs

At the moment, there is no way to recover files for free unless you have enabled QNAP’s Snapshot service.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us